I have not tried fail2ban, i will check it out on this, hopefully by
weekend.
Regards
Jithesh
On Tue, 16 Jun 2015 08:12:19 -0700, Mauricio Tavares <[email protected]>
wrote:
On Tue, Jun 16, 2015 at 9:51 AM, Jithesh AP <[email protected]> wrote:
Ok thank you for the info, this did scare me :). Its taxing my small
system.
Have you considered running something like fail2ban on the
system? It would temporarily (you set the time) block said IP at the
firewall, which usually make them look for easier pickings.
Regards
Jithesh
On Tue, 16 Jun 2015 06:48:01 -0700, Viktor Dukhovni
<[email protected]> wrote:
On Tue, Jun 16, 2015 at 06:43:47AM -0700, Jithesh AP wrote:
I have an attack on my mail system and the mail i got from mailer
deamon
is
(got 1000s of such mails)
You've set "notify_classes" to send you too much email.
----------------------------------
Transcript of session follows.
Out: 220 ml.w8timez.com ESMTP Postfix
In: HELO 54.183.212.207
Out: 250 ml.w8timez.com
In: MAIL FROM: <[email protected]>
Out: 250 2.1.0 Ok
In: RCPT TO: <[email protected]>
Out: 451 4.3.0 <[email protected]>: Temporary lookup failure
Out: 421 4.7.0 ml.w8timez.com Error: too many errors
Session aborted, reason: too many errors
Not much of an attack, just an open-relay test. Just ignore it,
and ideally arrange to not be notified about it.
Any specific suggestions to close such attack?
# No postmaster notices, just read the logs.
#
notify_classes =
--
Using Opera's mail client: http://www.opera.com/mail/
--
Using Opera's mail client: http://www.opera.com/mail/
